In the e-business chain, the last link that needs to be convinced of the security of an online transaction is the end-user. That is why this article puts forward a user-centred perspective of the problem of trust in online payments, derived from the discipline of Human-Computer Interaction (HCI). We will first offer a general account of e-commerce system design, showing that there is more to trust than only security. The last part gives some recommendations on what can be done to increase consumers’ trust.

Trust: More than Security

When examining barriers to the adoption of e-commerce, numerous studies have singled out consumers’ lack of trust as a major factor. Some people reduce the trust problem to one of security, arguing that, if security issues are resolved, people will be happy to transact online. However, when the trust problem is broken down into its constituents, privacy, ease-of-use or the credibility of information on the web are revealed to be as important to consumers as security.

As far as the introduction of a new e-payment system is concerned, one should not underestimate the power of the media and reputable institutions in approaching consumers and assuring them of the system’s security. Since the average consumer is unlikely to be able to assess the objective security of, say, an encryption algorithm, this issue remains, to a large extent, one of trust – namely trust in familiar information sources. Thus, a well-orchestrated marketing effort would help give consumers enough pre-interactional trust to understand, accept and use the new system.

Meeting Consumers’ Trust Concerns

What has been observed in user tests of e-commerce web sites is that the assessment of security typically happens very late in the trustworthiness evaluation process – namely, just before placing the order. Of course, most of the interaction with a commercial web site aims at establishing whether a particular merchant offers products or services that meet the customer’s needs. While looking for information, a number of cues are picked up by the user – in both explicit and implicit ways. These cues, be they graphical or textual, give an indication of the merchant’s professionalism and competence. It is only when a transaction is envisaged that medium-trust customers will explore the terms and conditions, as well as privacy and security policies.

This risk assessment phase goes much further than merely assessing the security of online payments – it covers the handling of confidential data by the company, warrantees and after-sales service, as well as the customer’s liability in case of fraud.

In terms of user interface design, one should therefore not assume that having a padlock appear at the bottom of the browser is enough to make customers feel safe to transact. Having detailed step-by-step payment procedures with links to additional security information is likely to work better than having a system that offers inadequate feedback and, thus, limited control. Presenting key information in an understandable way where and when consumers need it most is an information architecture challenge fit for HCI design.

Top-Down & Bottom-Up Design

To maximise the adoption of a new e-payment system, it is crucial that the human factor be actively and systematically taken into account during the design of that system. A top-down approach is one that centres primordially on business strategy and commercial arguments. Most importantly, it also implies a heavy stress on the development of new security solutions in terms of hard- and software. Thus, a top-down approach may very well produce a system that works efficiently but it does not guarantee that the system will be trusted and used.

A bottom-up approach centres around the system’s end-users – not only on their functional requirements, as it is the case in traditional ergonomics or HCI, but also on their preferences, concerns and expectations. It is noteworthy that such a user-centred approach does not only inform the design of the user interface. Indeed, it also gives valuable insight into how and via which communication channels the system should be presented when it is launched.

The bottom-up design approach can be very effective to test the acceptance of new payment technologies by consumers. For example, the ING Direct bank of Canada has conducted extensive testing of people’s reactions to using a biometric device for authentication in their electronic banking system. The system included a thumbprint scanner embedded in a computer mouse and developers were unsure whether people would accept this technology in exchange for a higher level of security. The user tests indicated that their customers were actually quite receptive to this technology and not as concerned about issues of privacy when using the biometric devices as had been expected.

Designing the Trust Experience

Trust in payment systems is influenced by factors such as anonymity, security, reliability, the amount of control that users have, as well as the reputation of the entity that introduces the system. Below, we introduce a number of guidelines that address the different facets of security required for e-payment systems in an Internet environment. Issues of trust and security are connected to exchange, storage and management of the payment- and user-specific information. To engineer a certain level of trust in terms of perceived security, one should:

Take into account the context of use and domain of application of the system being designed. Context of use can be viewed as an important requirement for the design. Different applications require diverse levels of security. Buying flowers can be done with a credit card with basic cryptographic protection, while electronic banking needs more sophisticated authentication and security mechanisms. Provide a clear and prominent policy on security: – Provide clear visibility of the security techniques employed. These should clearly be explained to the end-user. This can be done by providing textual information describing which security solutions have been implemented, as well as by displaying the logos of reputed institutions or solution providers.

Explain security measures in management and storage of the data.

Establish customer support line on security related issues.

Supply regular information updates on changes and upgrades in security.

Take into consideration security issues specific to the type of payment system.

Address security issues specific to a single payment and to the system’s operations in general: E.g. provide the ability to deactivate passwords or block accounts offline.

Giving user access to their data, allowing them to change it, and timely delete outdated information can assist in building trust relations with customers.

Be aware of trade-offs between security and ease of use.

Too heavy solutions may hamper ease of use and have a negative influence on trust. In addition, the use of extra hardware and software components may be seen as an additional barrier to adoption, given the lack of convenience and the costs involved. This would complicate the process of acquiring new customers and vendors and, thus, reduce the customer base. This may be one of the reasons why SET has not been popular so far. Hopefully, solutions where intrusion in customers’ paying experience is minimised will gain more popularity, especially if they help to solve some of the vendors’ problems, such as chargebacks. Possible candidates for such acceptance are ‘Verified by Visa’ or MasterCard’s SPA.

Try to minimise the security costs (both financial and temporal) imposed on users.

Create a security management culture. This can be done by educating employees and implementing strict information handling policies within the company.

Have a trust recovery plan in the event of a security breach likely to undermine trusted relationships with customers. In many cases such a plan will consists of enacting the company’s trust policies, providing financial compensation, as well as reassuring customers through the media.